SharePoint Online: Find All Lists with Unique Permissions using PowerShell

Requirement: Get All Lists and Libraries with Unique Permissions using PowerShell.

How do you check if a list uses Unique permissions or inherits permissions from the parent?

To get if a list or library has unique permissions, follow these steps:

  1. Navigate to the list and then go to List or Library Settings.
  2. Click on the “Permissions for this List/Document library” link on the List settings page.
  3. The list settings page provides information on whether the list has unique permissions. If the list or library has unique permissions, you’ll get the text “This list/library has unique permissions”; otherwise, “This list/library inherits permissions from its parent.”
    sharepoint online find unique permission lists

Check If the List or Library has Unique Permissions using PowerShell: 

Let’s check if the given list has unique permissions.

#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"

#Define Parameter values
$SiteURL="https://crescent.sharepoint.com/sites/retail"
$ListName="Documents"

#Setup Credentials to connect
$Cred= Get-Credential
$Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)

#Setup the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Ctx.Credentials = $Credentials
        
#Get the List
$List = $Ctx.Web.Lists.GetByTitle($ListName)
$Ctx.Load($List)
$Ctx.ExecuteQuery()

#Check if list has unique permissions
$List.Retrieve("HasUniqueRoleAssignments")
$Ctx.ExecuteQuery()

Write-Host "List has Unique Permissions?": $List.HasUniqueRoleAssignments

Find All Lists and Libraries with Unique Permissions in a SharePoint Online Site:

Let’s modify the script a bit to get all unique permission-ed lists and libraries from a SharePoint Online site. To find all lists and libraries with unique permissions in SharePoint Online using PowerShell, you can use the following script:

#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"

#Define Parameter values
$SiteURL="https://crescent.sharepoint.com"

Try {
    #Setup Credentials to connect
    $Cred= Get-Credential
    $Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)

    #Setup the context
    $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
    $Ctx.Credentials = $Credentials
        
    #Get All Lists of the web
    $ListCollection = $Ctx.Web.Lists
    $Ctx.Load($ListCollection)
    $Ctx.ExecuteQuery()

    #Iterate through each list - Ignore Hidden Lists
    ForEach($List in $ListCollection | Where {$_.Hidden -eq $False})
    {
        #Check if list has unique permissions
        $List.Retrieve("HasUniqueRoleAssignments")
        $Ctx.ExecuteQuery()
        If($List.HasUniqueRoleAssignments -eq $true)
        {
            Write-Host -f Green "List '$($List.Title)' has Unique Permissions"
        }
        else
        {
            Write-Host -f Yellow "List '$($List.Title)' is inhering Permissions from the Parent"
        }
    }
}
Catch {
    write-host -f Red "Error Checking Unique Permissions!" $_.Exception.Message
}

This script will connect to your SharePoint Online site, get all lists and libraries in the site, and then loop through each list to check if it has unique permissions. If a list has unique permissions, its title will be displayed in the console.

PnP PowerShell: Get All Lists and Libraries with Unique Permission

This time, let’s get all lists and libraries with unique permissions from a SharePoint Online site collection.

#Function to Get Lists and Libraries with Unique Permission from a Site collection
Function Get-UniquePermissionLists($SiteURL)
{
    #Connect to SharePoint Online Site from PnP Online
    Connect-PnPOnline -Url $SiteURL -Interactive

    #Function to Get Lists with Unique Permissions from the web
    Function Get-PnPUniquePermissionLists([Microsoft.SharePoint.Client.Web]$Web)
    {
        Write-host "Searching Lists and Libraries with Unique Permissions at:"$Web.Url -f Yellow
        Connect-PnPOnline -Url $Web.URL -Interactive
        #Get All Lists from the web
        $Lists = Get-PnPList -Includes HasUniqueRoleAssignments
    
        #Exclude system lists
        $ExcludedLists = @("Content and Structure Reports","Form Templates","Images","Pages","Preservation Hold Library", "Site Pages", "Site Assets",
                             "Site Collection Documents", "Site Collection Images","Style Library","Reusable Content","Workflow History","Workflow Tasks")
              
        #Iterate through lists
        ForEach($List in $Lists)
        {
            #Filter Lists - Exclude System Lists, hiddenlists and get only lists with unique permissions
            If($List.Hidden -eq $False -and $ExcludedLists -notcontains $List.Title -and $List.HasUniqueRoleAssignments)
            {
                Write-host "`tFound a List '$($List.Title)' with Unique Permission at '$($List.RootFolder.ServerRelativeUrl)'" -f Green
            }
        }
    }
    #Call the function for Each Web
    Get-PnPSubWeb -Recurse -IncludeRootWeb | ForEach-Object { Get-PnPUniquePermissionLists($_)}    
 }

#Call the function
Get-UniquePermissionLists "https://Crescent.sharepoint.com/Sites/Marketing"

These scripts get you all lists and libraries with unique permissions. To delete unique permissions from SharePoint Online using PowerShell, use: SharePoint Online: Remove Unique Permissions from List using PowerShell

Salaudeen Rajack

Salaudeen Rajack - Information Technology Expert with Two-decades of hands-on experience, specializing in SharePoint, PowerShell, Microsoft 365, and related products. He has held various positions including SharePoint Architect, Administrator, Developer and consultant, has helped many organizations to implement and optimize SharePoint solutions. Known for his deep technical expertise, He's passionate about sharing the knowledge and insights to help others, through the real-world articles!

Leave a Reply

Your email address will not be published. Required fields are marked *